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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the 
application: 

Listing of Claims: 

Claim 1 . (Currently Amended) An electronic commerce card authentication 
system comprising: 

a central transaction server wherein the central transaction server: 

receives an authentication request from a cardholder system, wherein the 
authentication request was previously forwarded from a merchant system using an HTTP redirect 
command comprising the address of the central transaction server, wherein the authentication 
request includes a pseudonym corresponding to an electronic commerce card account number, 
wherein the pseudonym expires after a predetermined period of time , wherein the pseudonym is 
used for authentication ; 

forwards the authentication request to an access control server; 

relays authentication information between the access control server and 

the cardholder system; 

receives an authentication response from the access control server; and 
forwards the authentication response to the cardholder syste m, wherein the 
authentication response includes a second HTTP redirect command comprising the address of the 
merchant, wherein the cardholder system thereafter forwards the authentication response to the 
merchant system, ^-and wherein the merchant system analyzes the authentication response to 
determine if the electronic commerce card account number has been successfully authenticated 
and initiates a payment request process by submitting the electronic commerce card account 
number to an issuer of the electronic commerce card account number . 

Claim 2. (Previously Presented) The electronic commerce card authentication 
system of claim 1 , wherein the authentication response is translated to a format compatible with 
a merchant system. 
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Claim 3. (Previously Presented) The electronic commerce card authentication 
system of claim 1, wherein the central transaction server forwards a copy of the authentication 
response to an authentication history server to be archived. 

Claim 4. (Previously Presented) The electronic commerce card authentication 
system of claim 1 , wherein the central transaction server further receives a verifying enrollment 
request from a directory server, and sends a verifying enrollment response to the directory server. 

Claim 5. (Previously Presented) The electronic commerce card authentication 
system of claim 4, wherein the central transaction server sends the verifying enrollment response 
in response to a query to the access control server. 

Claim 6. (Previously Presented) The electronic commerce card authentication 
system of claim 4, wherein the central transaction server sends the verifying enrollment response 
to the directory server with or without querying the access control server, and further queries the 
access control server in response to receiving an authentication request. 

Claim 7. (Previously Presented) The electronic commerce card authentication 
system of claim 1 , wherein the pseudonym was previously created by the central transaction 
server. 

Claim 8. (Currently Amended) The electronic commerce card authentication 
system of claim 1 , wherein the the pseudonym was created by a merchant system. 

Claim 9. (Canceled) 

Claim 10. (Currently Amended) A method of authenticating electronic commerce 
card information provided by a cardholder, the method comprising: 
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receiving an authentication request from a cardholder system, wherein the 
authentication request was previously forwarded from a merchant system using an HTTP redirect 
command comprising the address of a central transaction server, wherein the authentication 
request includes a pseudonym corresponding to an electronic commerce card account number, 
wherein the pseudonym expires after a predetermined period of time , wherein the pseudonym is 
used for authentication ; 

forwarding the authentication request to an access control server; 

relaying authentication information between the access control server and the 
cardholder system; 

receiving an authentication response from the access control server; and 

forwarding the authentication response to the cardholder system , wherein the 
authentication response includes a second HTTP redirect command comprising the address of the 
merchant, wherein the cardholder system thereafter forwards the authentication response to the 
merchant system, T-and -whcrcin the merchant system analyzes the authentication response to 
determine if the electronic commerce card account number has been successfully authenticated 
and initiates initiating a payment request process by submitting the electronic commerce card 
account number to an issuer of the electronic commerce card account number . 

Claim 11. (Previously Presented) The method of claim 10, wherein the 
authentication response is translated to a format compatible with a merchant system. 

Claim 12. (Original) The method of claim 10, further comprising forwarding a 
copy of the authentication response to an authentication history server to be archived. 

Claim 13. (Original) The method of claim 10, further comprising receiving a 
verifying enrollment request from a directory server, and sending a verifying enrollment 
response to the directory server. 
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Claim 14. (Original) The method of claim 13, wherein the verifying enrollment 
response is sent in response to a query to the access control server. 

Claim 15. (Original) The method of claim 13, wherein the verifying enrollment 
response is sent to the directory server without querying the access control server, and further 
comprising querying the access control server in response to receiving an authentication request. 

Claim 16. (Previously Presented) The method of claim 10, wherein the 
authentication request was previously created by the central transaction server. 

Claim 17. (Previously Presented) The method of claim 10, wherein the 
pseudonym was previously created by a merchant system. 

Claim 18. (Canceled) 

Claim 19. (Currently Amended) An information storage medium including a set 
of instructions to operate an information processing device to perform a set of steps, the set of 
steps comprising: 

receiving an authentication request from a cardholder system, wherein the 
authentication request was previously forwarded from a merchant system using an HTTP redirect 
command comprising the address of the central transaction server, wherein the authentication 
request includes a pseudonym corresponding to an electronic commerce card account number, 
wherein the pseudonym expires after a predetermined period of time , wherein the pseudonym is 
used for authentication ; 

forwarding the authentication request to an access control server; 

relaying authentication information between the access control server and the 
cardholder system; 

receiving an authentication response from the access control server; and 

forwarding the authentication response to the cardholder syste m, wherein the 
authentication response includes a second HTTP redirect command comprising the address of the 
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merchant, wherein the cardholder system thereafter forwards the authentication response to the 
merchant system, -r-and -wherein the merchant system analyzes the authentication response to 
determine if the electronic commerce card account number has been successfully authenticated 
and initiates initiating a payment request process by submitting the electronic commerce card 
account number to an issuer of the electronic commerce card account number . 

Claim 20. (Previously Presented) The information storage medium of claim 19, 
wherein the authentication response is translated to a format compatible with a merchant system. 

Claim 21. (Original) The information storage medium of claim 19, wherein the set 
of steps further comprises forwarding a copy of the authentication response to an authentication 
history server to be archived. 

Claim 22. (Original) The information storage medium of claim 19, wherein the set 
of steps further comprises receiving a verifying enrollment request from a directory server, and 
sending a verifying enrollment response to the directory server. 

Claim 23. (Original) The information storage medium of claim 22, wherein the 
verifying enrollment response is sent in response to a query to the access control server. 

Claim 24. (Original) The information storage medium of claim 22, wherein the 
verifying enrollment response is sent to the directory server without querying the access control 
server, and the set of steps further comprise querying the access control server in response to 
receiving an authentication request. 

Claim 25. (Previously Presented) The information storage medium of claim 19, 
wherein the pseudonym was previously created by the central transaction server. 

Claim 26. (Previously Presented) The information storage medium of claim 19, 
wherein the pseudonym was previously created by a merchant system. 
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Claim 27. (Canceled) 

Claim 28. (Original) The method of claim 14, further comprising: 
receiving the verifying enrollment response from the access control server in 
response to the query; and 

forwarding the verifying enrollment response to the directory server. 

Claim 29. (Original) The method of claim 28, further comprising: 
modifying the verifying enrollment response received from the access control 

server; and 

forwarding the modified verifying enrollment response to the directory server. 
Claim 30. (Original) The information storage medium of claim 22, further 

comprising: 

receiving the verifying enrollment response from the access control server in 
response to the query; and 

forwarding the verifying enrollment response to the directory server. 

Claim 31. (Original) The information storage medium of claim 30, further 

comprising: 

modifying the verifying enrollment response received from the access control 

server; and 

forwarding the modified verifying enrollment response to the directory server. 

Claim 32. (Previously Presented) The system of claim 1 wherein the payment 
request process includes a charge request, wherein the charge request is generated by a merchant 
and is subsequently sent to an acquirer. 
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Claim 33. (Previously Presented) The method of claim 10 wherein the payment 
request process includes a charge request, wherein the charge request is generated by a merchant 
and is subsequently sent to an acquirer. 

Claim 34. (Currently Amended) A method performed by a central transaction 
server, the method comprising: 

receiving a verifying enrollment request; 

sending the verifying enrollment request to an access control server; 

receiving a verifying enrollment response from the access control server; 

creating an altered verifying enrollment response comprising a pseudonym; 

sending the altered verifying enrollment response to a merchant system, wherein 
the merchant system subsequently sends an authentication request including the pseudonym to a 
holder system, wherein the authentication request including the pseudonym sent to the holder 
system further comprises a web page containing a redirect command, wherein the redirect 
command is an HTTP redirect command, comprising the address of the central transaction 
server, wherein the pseudonym expires after a predetermined period of time , wherein the 
pseudonym is used for authentication ; 

receiving the authentication request with the pseudonym from the holder system; 

sending the authentication request with the pseudonym to the access control 

server; 

receiving an authentication response; and 

sending the authentication response to the holder system , wherein the 
authentication response includes a second HTTP redirect command comprising the address of the 
merchant system, wherein the holder system forwards the authentication response to the 
merchant system . 

Claim 35. (Previously Presented) The method of claim 34 wherein the holder 
system is a cardholder system. 
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Claim 36. (Previously Presented) The method of claim 34 wherein after the 
authentication response is sent to the holder system, the holder system sends the authentication 
response to the merchant system. 

Claim 37. (Previously Presented) The method of claim 34 further comprising, 
after sending the authentication response, initiating a payment request process. 

Claim 38. (Previously Presented) The system of claim 1, wherein the central 
transaction server further hosts at least one web page. 

Claims 39.-40. (Canceled) 

Claim 4 1 . (Previously Presented) The system of claim 1 wherein the 
predetermined time is 5 minutes. 

Claim 42. (Previously Presented) The method of claim 34 wherein the 
predetermined time is five minutes. 

Claim 43. (New) The method of claim 1 wherein the payment request process 
includes a cardholder authentication verification value which indicates the electronic commerce 
card has been successfully authenticated. 

Claim 44. (New) The method of claim 10 wherein the payment request process 
includes a cardholder authentication verification value which indicates the electronic commerce 
card has been successfully authenticated. 
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